ET DOS User-Agent used in known DDoS Attacks Detected inbound

SID: 2011822Rev: 40 views
History
Sourceet/open
CreatedOctober 18, 2010
UpdatedMay 6, 2020
Classificationdenial-of-service
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DOS User-Agent used in known DDoS Attacks Detected inbound"; flow:established,to_server; http.user_agent; content:"Mozilla/5.0 (Windows|3b 20|U|3b 20|Windows NT 5.1|3b 20|ru|3b 20|rv|3a|1.8.1.1) Gecko/20061204 Firefox/2.0.0.1"; reference:url,www.linuxquestions.org/questions/linux-security-4/massive-ddos-need-advice-help-795298/; classtype:denial-of-service; sid:2011822; rev:4; metadata:created_at 2010_10_18, confidence High, signature_severity Major, updated_at 2020_05_06;)

References

urlwww.linuxquestions.org/questions/linux-security-4/massive-ddos-need-advice-help-795298/

Metadata

created at2010_10_18
confidenceHigh
signature severityMajor
updated at2020_05_06

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!